Hello

I ran into the commonly known problem that under safe_mode it is
possible to create a directory with mkdir(), but impossible to create a
subdirectory inside the first one:

1 $path = $_SERVER['DOCUMENT_ROOT'].'/cache';
2 mkdir($path, 0755);
3 chmod($path, 0777);
4 mkdir($path.'/subdir', 0755);

Line 2: works (fails with 0777, though...)
Line 3: works
Line 4: Warning: mkdir() [function.mkdir]: SAFE MODE Restriction in
effect. The script whose uid is 10677 is not allowed to access
[...]/cache owned by uid 48 in [...]

Now while googling I found out that the directories must be created via
FTP, as they belong to the FTP user. I am able to do this, but when the
ftp server is busy this can significantly slow down the system.

Are there some better recommendations how to handle this? If not, as
most web sites in shared hosting environments (where safe_mode is an
issue at all) are uploaded to the server via FTP, the mkdir() function
looks quite useless to me...

Thanks for a comment!
Markus

Markus wrote:

> Are there some better recommendations how to handle this? If not, as
> most web sites in shared hosting environments (where safe_mode is an
> issue at all) are uploaded to the server via FTP, the mkdir() function
> looks quite useless to me...
>
> Thanks for a comment!
> Markus

You could :

1. Ask your hosting company to change the ownership of your folders to
48 (typically apache or www-data).
2. Ask your hosting company to use suPHP
3. Move to one of the thousands of shared hosting environments that have
seen sense and don't use safe mode, they use other security
implementations that are much better.

--
Andrew Hutchings - LinuxJedi - http://www.linuxjedi.co.uk/
Windows is the path to the darkside...Windows leads to Blue Screen. Blue
Screen leads to downtime. Downtime leads to suffering...I sense much
Windows in you...

Markus wrote:

> Are there some better recommendations how to handle this? If not, as
> most web sites in shared hosting environments (where safe_mode is an
> issue at all) are uploaded to the server via FTP, the mkdir() function
> looks quite useless to me...
>
> Thanks for a comment!
> Markus

You could :

1. Ask your hosting company to change the ownership of your folders to
48 (typically apache or www-data).
2. Ask your hosting company to use suPHP
3. Move to one of the thousands of shared hosting environments that have
seen sense and don't use safe mode, they use other security
implementations that are much better.

--
Andrew Hutchings - LinuxJedi - http://www.linuxjedi.co.uk/
Windows is the path to the darkside...Windows leads to Blue Screen. Blue
Screen leads to downtime. Downtime leads to suffering...I sense much
Windows in you...

Markus wrote:
> Hello
>
> I ran into the commonly known problem that under safe_mode it is
> possible to create a directory with mkdir(), but impossible to create a
> subdirectory inside the first one:
>
> 1 $path = $_SERVER['DOCUMENT_ROOT'].'/cache';
> 2 mkdir($path, 0755);
> 3 chmod($path, 0777);
> 4 mkdir($path.'/subdir', 0755);
> [snip]

The classic way to work around a "safe mode" is to create your php files
dynamically instead of uploading them. I.e. you upload one single
"unroll" script that generates all worker scripts and saves them to
files. Since those generated scripts are owned by apache, they won't
have any trouble accessing files that they create.


--
gosha bine

extended php parser ~ http://code.google.com/p/pihipi
blok ~ http://www.tagarga.com/blok

Andrew Hutchings schrieb:
> Markus wrote:
>
>> Are there some better recommendations how to handle this? If not, as
>> most web sites in shared hosting environments (where safe_mode is an
>> issue at all) are uploaded to the server via FTP, the mkdir() function
>> looks quite useless to me...
>>
>> Thanks for a comment!
>> Markus
>
> You could :
>
> 1. Ask your hosting company to change the ownership of your folders to
> 48 (typically apache or www-data).
> 2. Ask your hosting company to use suPHP
> 3. Move to one of the thousands of shared hosting environments that have
> seen sense and don't use safe mode, they use other security
> implementations that are much better.
>
Thank you; anyway I try to make my application work without server-side
modifications in commonly available hosting environments (well,
LAMP-based ones...), so my task is still to make it safe-mode compatible.

gosha bine schrieb:
> Markus wrote:
>> Hello
>>
>> I ran into the commonly known problem that under safe_mode it is
>> possible to create a directory with mkdir(), but impossible to create
>> a subdirectory inside the first one:
>>
>> 1 $path = $_SERVER['DOCUMENT_ROOT'].'/cache';
>> 2 mkdir($path, 0755);
>> 3 chmod($path, 0777);
>> 4 mkdir($path.'/subdir', 0755);
>> [snip]
>
> The classic way to work around a "safe mode" is to create your php files
> dynamically instead of uploading them. I.e. you upload one single
> "unroll" script that generates all worker scripts and saves them to
> files. Since those generated scripts are owned by apache, they won't
> have any trouble accessing files that they create.

Thanks, I will keep this in mind - I already thought of trying to build
a convenient installer for my application as soon as I have time; and
with this background that will be even more desirable.

Andrew Hutchings schrieb:
> Markus wrote:
>
>> Are there some better recommendations how to handle this? If not, as
>> most web sites in shared hosting environments (where safe_mode is an
>> issue at all) are uploaded to the server via FTP, the mkdir() function
>> looks quite useless to me...
>>
>> Thanks for a comment!
>> Markus
>
> You could :
>
> 1. Ask your hosting company to change the ownership of your folders to
> 48 (typically apache or www-data).
> 2. Ask your hosting company to use suPHP
> 3. Move to one of the thousands of shared hosting environments that have
> seen sense and don't use safe mode, they use other security
> implementations that are much better.
>
Thank you; anyway I try to make my application work without server-side
modifications in commonly available hosting environments (well,
LAMP-based ones...), so my task is still to make it safe-mode compatible.